| DESCRIPTION OF ENHANCEMENTS |
This patch addresses the following issue:
------------------
for the PPS-N application. Support for RSA keys are anticipated to be
deprecated in the future, so to maintain Vista's security posture and
ensure continuous operation of required Vista processes, software
utilizing SSH PKI user keys must be updated to support the stronger ECDSA
encryption key.
The modification should allow the creation of any ECDSA keys to be forward
compatible when Red Hat Enterprise Linux (RHEL 8) is implemented.
Resolution:
N/A
-----------
File PPS-N UPDATE CONTROL (#57.23) field SFTP SSH KEY ENCRYPTION (#41) is
modified to add code ECDSA (Elliptic Curve Digital Signature Algorithm).
Modify PSNOSKEY to allow the ECDSA key to be created, viewed,
deleted, and update the help text.
Routine PSNPARM is modified to use new field ECDSA (#11) in the
PPS-N UPDATE CONTROL FILE (#57.23) in option PPS-N Site Parameters
(Enter/Edit) to set if ECDSA keys are allowed to be created.
Patch Components:
-----------------
Files & Fields Associated:
File Name (Number) Field Name (Number) New/Modified/Deleted
------------------ ------------------- --------------------
PPS-N UPDATE CONTROL SFTP SSH KEY ENCRYPTION Modified
(#57.23) (#41)
PPS-N UPDATE CONTROL ECDSA New
(57.23) (#11)
Forms Associated:
ECDSA/EDDSA Key creation
Form Name File Number New/Modified/Deleted
--------- ----------- --------------------
N/A
Mail Groups Associated:
Mail Group Name New/Modified/Deleted
--------------- --------------------
N/A
Options Associated:
Option Name Type New/Modified/Deleted
----------- ---- --------------------
N/A
Protocols Associated:
Protocol Name New/Modified/Deleted
------------- --------------------
Defect Tracking System Ticket(s) & Overview:
N/A
Security Keys Associated:
Security Key Name
-----------------
N/A
Templates Associated:
Template Name Type File Name (Number) New/Modified/Deleted
------------- ---- ------------------ --------------------
N/A
Remote Procedures Associated:
Remote Procedure Name New/Modified/Deleted
--------------------- --------------------
N/A
1. INC26749697 - ECDSA KEY CREATION
Parameter Definitions Associated:
Parameter Name New/Modified/Deleted
-------------- --------------------
N/A
Additional Information:
-----------------------
New Service Requests (NSRs):
N/A
Patient Safety Issues (PSIs):
-----------------------------
N/A
Problem:
--------
With the implementation of Red Hat Enterprise Linux (RHEL 8) stronger
encryption key ECDSA is now available and supported. PPS-N
Associated NSR(s):
application at this time is using RSA type SSH key for connecting to the
PPS-N server to receive the dat file that is used for updating Nation
Drug files.
New keys added:
Elliptic Curve Digital Signature Algorithm (ECDSA)
ECDSA keys can created for encryption length of 256, 384 or 521 bits.
Necessary changes are required to allow creation of ECDSA key
|